aws_guardduty_detector

account_id

Type: STRING

coverage_statistics

Type: STRUCT
Provider name: CoverageStatistics
Description: Represents the count aggregated by the statusCode and resourceType.

  • count_by_coverage_status
    Type: STRING
    Provider name: CountByCoverageStatus
    Description: Represents coverage statistics for EKS clusters aggregated by coverage status.
  • count_by_resource_type
    Type: STRING
    Provider name: CountByResourceType
    Description: Represents coverage statistics for EKS clusters aggregated by resource type.

created_at

Type: STRING
Provider name: CreatedAt
Description: The timestamp of when the detector was created.

data_sources

Type: STRUCT
Provider name: DataSources
Description: Describes which data sources are enabled for the detector.

  • cloud_trail
    Type: STRUCT
    Provider name: CloudTrail
    Description: An object that contains information on the status of CloudTrail as a data source.
    • status
      Type: STRING
      Provider name: Status
      Description: Describes whether CloudTrail is enabled as a data source for the detector.
  • dns_logs
    Type: STRUCT
    Provider name: DNSLogs
    Description: An object that contains information on the status of DNS logs as a data source.
    • status
      Type: STRING
      Provider name: Status
      Description: Denotes whether DNS logs are enabled as a data source.
  • flow_logs
    Type: STRUCT
    Provider name: FlowLogs
    Description: An object that contains information on the status of VPC flow logs as a data source.
    • status
      Type: STRING
      Provider name: Status
      Description: Denotes whether VPC flow logs are enabled as a data source.
  • kubernetes
    Type: STRUCT
    Provider name: Kubernetes
    Description: An object that contains information on the status of all Kubernetes data sources.
    • audit_logs
      Type: STRUCT
      Provider name: AuditLogs
      Description: Describes whether Kubernetes audit logs are enabled as a data source.
      • status
        Type: STRING
        Provider name: Status
        Description: A value that describes whether Kubernetes audit logs are enabled as a data source.
  • malware_protection
    Type: STRUCT
    Provider name: MalwareProtection
    Description: Describes the configuration of Malware Protection data sources.
    • scan_ec2_instance_with_findings
      Type: STRUCT
      Provider name: ScanEc2InstanceWithFindings
      Description: Describes the configuration of Malware Protection for EC2 instances with findings.
      • ebs_volumes
        Type: STRUCT
        Provider name: EbsVolumes
        Description: Describes the configuration of scanning EBS volumes as a data source.
        • reason
          Type: STRING
          Provider name: Reason
          Description: Specifies the reason why scanning EBS volumes (Malware Protection) was not enabled as a data source.
        • status
          Type: STRING
          Provider name: Status
          Description: Describes whether scanning EBS volumes is enabled as a data source.
    • service_role
      Type: STRING
      Provider name: ServiceRole
      Description: The GuardDuty Malware Protection service role.
  • s3_logs
    Type: STRUCT
    Provider name: S3Logs
    Description: An object that contains information on the status of S3 Data event logs as a data source.
    • status
      Type: STRING
      Provider name: Status
      Description: A value that describes whether S3 data event logs are automatically enabled for new members of the organization.

features

Type: UNORDERED_LIST_STRUCT
Provider name: Features
Description: Describes the features that have been enabled for the detector.

  • additional_configuration
    Type: UNORDERED_LIST_STRUCT
    Provider name: AdditionalConfiguration
    Description: Additional configuration for a resource.
    • name
      Type: STRING
      Provider name: Name
      Description: Name of the additional configuration.
    • status
      Type: STRING
      Provider name: Status
      Description: Status of the additional configuration.
    • updated_at
      Type: TIMESTAMP
      Provider name: UpdatedAt
      Description: The timestamp at which the additional configuration was last updated. This is in UTC format.
  • name
    Type: STRING
    Provider name: Name
    Description: Indicates the name of the feature that can be enabled for the detector.
  • status
    Type: STRING
    Provider name: Status
    Description: Indicates the status of the feature that is enabled for the detector.
  • updated_at
    Type: TIMESTAMP
    Provider name: UpdatedAt
    Description: The timestamp at which the feature object was updated.

finding_publishing_frequency

Type: STRING
Provider name: FindingPublishingFrequency
Description: The publishing frequency of the finding.

service_role

Type: STRING
Provider name: ServiceRole
Description: The GuardDuty service role.

status

Type: STRING
Provider name: Status
Description: The detector status.

tags

Type: UNORDERED_LIST_STRING

updated_at

Type: STRING
Provider name: UpdatedAt
Description: The last-updated timestamp for the detector.